## Compliance Phase Improvements ### InSpec 4.46.13 InSpec has been updated from 4.41.20 to 4.46.13 with the following enhancements: - Added `rocky` and `almalinux` Linux distributions to `service` resource. - Added the ability to handle files without headers in the `csv` resource. - Added the option to establish connection using a UNIX socket in the `postgres_session` resource. - Fixed the `opa_cli` and `opa_api` resources so they are able to verify an empty result. ## Resource Updates ### powershell_package_source The `powershell_package_source` was updated to support authenticating to package sources with new `user` and `password` properties. The existing `url` property has also been renamed to `source_location`, which better describes the purpose of this property. The existing `url` property will continue to function for backward compatibility with any existing cookbook code. ### openssl_x509_certificate The `openssl_x509_certificate` resource was updated to correctly use the provided CA key when signing the new certificate. Thanks for reporting this [@nico-loeber](https://github.com/nico-loeber)! ## System Detection ### :Tc Ohai Plugin A new optional Ohai plugin `:Tc` has been added to detect tc qdisc information for network interfaces on Linux systems. Thanks for this new plugin [@MatthewMassey](https://github.com/MatthewMassey)! To enable this optional plugin set `ohai_optional_plugins [:Tc]` in the [chef_client_config](https://docs.chef.io/resources/chef_client_config/) resource. ## Packaging ### Ubuntu 16.04 We are once again producing packages for Ubuntu 16.04. Canonical, the maker of Ubuntu, has extended support for Ubuntu releases for a full 10 years, so the previously EOL Ubuntu 16.04 release is no longer EOL. ## Security ### OpenSSL 1.0.2zb OpenSSL has been updated from 1.0.2za to 1.0.2zb to resolve issues with Let's Encrypt certificates. ### cacerts The cacerts bundle has been updated to the 2021-07-25 release which removes older expired root certificates and adds the following new root certificates: * AC RAIZ FNMT-RCM SERVIDORES SEGUROS * GlobalSign Root R46 * GlobalSign Root E46 * GLOBALTRUST 2020 * ANF Secure Server Root CA * Certum EC-384 CA * Certum Trusted Root CA